TWI470566B - Information security synchronous monitor single account system - Google Patents


Info

Publication number: TWI470566B
Authority: TW (Taiwan)
Prior art keywords: account, host system, list, module, unit
Application number: TW96108684A
Other languages: Chinese (zh)
Other versions: TW200837647A (en)
Inventors: Chung Yin Lin, Keh Hwa Shyu, Shiuh Horng Jeng, Liang Shen Wang, Pao Chung Chang
Original assignee: Chunghwa Telecom Co Ltd
Application filed by Chunghwa Telecom Co Ltd
Priority to TW96108684A
Publication of TW200837647A
Application granted
Publication of TWI470566B

Links

Landscapes

  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Computer And Data Communications (AREA)

Description

Information Security Single-Account Synchronous Monitoring System

The invention relates to an information security single-account synchronous monitoring system, and in particular to a system for the centralized management and synchronous monitoring of the accounts of a plurality of host systems.

As enterprises move more and more of their workflows into electronic form, their internal information systems grow ever larger. To simplify account management, a centralized account management system such as Active Directory or NIS is generally used to manage all user accounts in one place.

A centralized account management system mainly provides an account application channel, stores all accounts in an account database, and then verifies the legitimacy of the account a user presents. However, a conventional centralized account management system can only centrally manage and verify authorized accounts; it cannot detect unauthorized accounts in time or stop them promptly, and so it cannot maintain the confidentiality, integrity and availability of enterprise resources.

Therefore, to prevent unauthorized accounts from threatening the security of enterprise resources, account management must first tie each user to the actions they perform and make them accountable for those actions. To achieve this, every user must be required to use a single, unique account and password to access the enterprise's internal host system resources; that is, single-account management must be enforced.

According to data released by the CERT Coordination Center (CERT/CC) in the United States, the number of vulnerabilities has grown many times over in recent years. This gives intruders more opportunities to penetrate an enterprise's internal hosts, create an illegally altered account and leave it behind as a backdoor, and later use that unauthorized account to access confidential data, modify data or delete it. Administrators must therefore strictly and synchronously monitor every host system under their control for unauthorized, illegally altered accounts and delete them.

The preceding paragraph describes the threat from external intruders, but the security problem posed by internal staff is easier to overlook. When a user is transferred or leaves the company, all of that user's accounts should be deleted immediately so that the original access rights are not retained. If the user can still use such a stranded account for unauthorized access, the account must be regarded as an unauthorized account and is likewise a threat to the security of enterprise resources. Administrators must therefore also strictly and synchronously monitor every host system under their control for stranded accounts belonging to transferred or departed users, and delete them.

In addition, so that the current security state can be monitored and future security incidents investigated, auditors must be able to produce security reports at any time. Every account management operation, such as adding, deleting, suspending and reusing an account, and every abnormal event, such as the detection of an unauthorized account, must be recorded through an audit system in an audit log whose integrity and correctness can be guaranteed.

To meet the objectives of information security account management, administrators must therefore also carry out the following security tasks: synchronous monitoring of illegal accounts, synchronous monitoring of stranded accounts, and the recording of operations and abnormal events in an audit system.

With the conventional account management systems described above, however, administrators still have to perform these security tasks manually, checking each host one by one at all times and deleting unauthorized accounts as soon as they are found. As the information architecture grows, the number of users and host systems grows with it, and managing security accounts in this way, at great cost in manpower and time, becomes very cumbersome and inefficient.

It is thus evident that the conventional approach has many shortcomings, is not a sound design, and urgently needs improvement.

In view of the shortcomings of the conventional approach described above, the inventors set out to improve and innovate, and after years of dedicated research finally developed the present information security single-account synchronous monitoring system.

[Object of the Invention]

The object of the invention is to automatically and synchronously monitor illegally altered accounts, to automatically and synchronously monitor accounts left behind after an employee is transferred or leaves, and to automatically record all operations and abnormal events in an audit system.

The information security single-account synchronous monitoring system that achieves the above object comprises an account monitoring module, an organization human resources module, a legitimate account list repository, an audit module, a network distribution module, and account monitoring agent modules. The account monitoring module accesses the legitimate account list repository and the organization human resources module to synchronously monitor illegally altered accounts and accounts left behind after employees are transferred or leave. The organization human resources module stores, and periodically refreshes, the basic employee data and unit data of the enterprise's human resources system. The legitimate account list repository centrally stores the management data and legitimate status required by the account synchronous monitoring system disclosed here. The audit module records operations and abnormal events, signs them and keeps them in a protected storage device so that the integrity and correctness of the audit data are guaranteed. The network distribution module is an intermediary device that covers all host systems within a partitioned subdomain and relays account management commands across subdomains.

Because an enterprise's information architecture today usually needs several heterogeneous operating platforms for different requirements, commonly Windows, Unix and Linux, and the account management mechanisms of these platforms are not fully compatible, an account monitoring agent module must be provided for each platform. The various account monitoring agent modules differ only in how account change commands are executed on each platform; their basic functions are the same, including checking whether an illegal account change has occurred on the host system on which they run.

The invention differs clearly from conventional account management systems in that it uses an account monitoring module to achieve automatic synchronous monitoring of illegally altered accounts, uses a centralized repository together with an organization human resources module to achieve automatic synchronous monitoring of accounts left behind after employees are transferred or leave, and achieves automatic synchronous account changes across a plurality of host systems through the network distribution module and the Windows, Unix and Linux account management agent modules. In addition, the audit module signs and records operations and abnormal events to guarantee the integrity and correctness of the audit data. The technique proposed here is therefore not one that a person of ordinary skill in the art could easily arrive at by combining or modifying existing techniques.

Referring to FIG. 1, a preferred embodiment of the invention comprises an account monitoring module 2, an organization human resources module 3, a legitimate account list repository 4, an audit module 5, a network distribution module 6, and an account monitoring agent module 7. The account monitoring module 2 accesses the legitimate account list repository 4 and the organization human resources module 3 to synchronously monitor illegally altered accounts and accounts left behind after employees are transferred or leave. Checking every account on every host system at once would consume a great deal of the account monitoring module 2's system resources and network bandwidth, so the system first lets each account monitoring agent module check on its own whether its accounts have been illegally altered; only when such a change is found does the account monitoring module 2 compare against the legitimate account list repository 4, identify the illegally altered account and synchronize it, which reduces the system resources and network bandwidth the account monitoring module 2 consumes. The organization human resources module 3 accesses the basic employee data and unit data of the enterprise's human resources system, stores them and refreshes them periodically. The legitimate account list repository 4 centrally stores the management data and legitimate status required by the disclosed system. The audit module 5 accepts records of operations and abnormal events, signs them and keeps them in a protected storage device to guarantee the integrity and correctness of the audit data. The network distribution module 6 is an intermediary device that covers all host systems within a partitioned subdomain and relays account management commands across subdomains; when it receives an account change command from the account monitoring module 2, it parses the target host system code in the command and forwards the command to the corresponding host system 11 in its subdomain, where subdomains include both real and virtual domains. The account monitoring agent module 7 executes account change commands for the various heterogeneous operating platforms on host system 11 on the administrator's behalf, periodically checks whether an illegal account change has occurred on host system 11 and, when one has, sends the accounts and passwords of host system 11 to the account monitoring module 2 so that the illegally altered account can be identified. Note that the account monitoring agent module 7 of host system 11 disclosed here is not limiting; any equivalent modification or variation on another operating platform that has the same basic functions as the account monitoring agent module 7 provided by the invention does not depart from the spirit and scope of the invention and is included in the appended claims.

To make the disclosed information security single-account synchronous monitoring system clearer, the following sections explain in turn how the invention achieves synchronous monitoring of illegally altered accounts, synchronous monitoring of accounts left behind after employees are transferred or leave, and recording of operations and abnormal events in the audit system.

Referring to FIG. 2, so that the description can focus clearly on the method of synchronously monitoring illegally altered accounts, the network distribution module 6 of FIG. 1 is omitted here; in practice, transmission still passes through the network distribution module 6. Because continuously monitoring illegally altered accounts would consume a great deal of system resources and network bandwidth, the preferred embodiment uses timed synchronous monitoring: illegally altered accounts are checked once per interval and synchronized only when necessary. As shown in FIG. 2, when host system 11 first connects to the system, the account monitoring agent module 7 performs an initialization. The account digest generation unit 33 reads the system account and password data 34 on host system 11 and passes every account and password, one after another, through a hash function to produce a new account digest 36. The account monitoring agent module 7 then sends this new account digest 36 and the system account and password data 34 to the account monitoring module 2, which stores them respectively in the host system old account digest 31 and the host system default account list 32 of the legitimate account list repository 4. The host system old account digest 31 stores the old account digest of each host system and contains at least an identifiable host system name and the old account digest; the host system default account list 32 stores each host system's default accounts, that is, accounts created on the host system because a service or application needs them, and contains at least an identifiable host system name and the default account names. After host system 11 has been initialized, the administrator screens the default accounts and deletes those that are not needed. Once initialization and the administrator's screening of default accounts are complete, host system 11 is online. From then on, the timed account digest check unit 35 in the account monitoring agent module 7 has the account digest generation unit 33 hash all accounts and passwords one after another into a new account digest 36 at intervals of 1 minute, at the same time retrieves the host system old account digest 31 from the legitimate account list repository 4 through the account monitoring module 2, and compares the new account digest 36 with the host system old account digest 31. If the two are identical, the accounts and passwords on host system 11 have not changed, nothing is done, and the next check is awaited. If they differ, the accounts and passwords on host system 11 have been altered, and the account monitoring agent module 7 sends the local account list of host system 11 to the account monitoring module 2. The account monitoring module 2 then retrieves the user account and host system relationship list 21 and the host system default account list 32 from the legitimate account list repository 4 and combines them into the legitimate account list for host system 11, and the account comparison unit 30 compares the local account list of host system 11 against this legitimate account list entry by entry. Any account on which the host system's local account list and its legitimate account list disagree is an illegally altered account; the account synchronization unit 23 of the account monitoring module 2 then synchronizes the accounts of host system 11 according to the legitimate account list recorded in the legitimate account list repository 4, that is, it sends a command to delete that account to the account monitoring agent module 7. With this account change check in the account monitoring agent module 7, every host system can thus be monitored at regular intervals for illegally altered accounts. The illegally altered accounts the preferred embodiment can handle include accounts added by an intruder after penetrating the internal information architecture, accounts added by an administrator directly on a host system rather than through this system, an account on a host system accidentally deleted by an administrator, and an account whose password a user changed directly on the host system. Note that the account check interval of the account monitoring agent module in this preferred embodiment is 1 minute, but this interval is a configurable system variable that administrators can adjust to actual needs without affecting the spirit and scope of the invention.
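The digest check and the follow-up reconciliation described above, as an added Python example written for this page; it is not code from the patent. The host name, account entries, relationship list and default account list are constructed, and, unlike the text, which has the agent send the host's account and password data to the monitoring module, this version keeps password material on the host and sends only the digest and the account names.

```python
import hashlib

# Constructed sample: a passwd-style account file (name:password-hash:uid) as
# the agent on host "host11" would read it. All values are made up.
BASELINE_ENTRIES = [
    "root:$6$r00t:0",
    "www:$6$web:33",
    "alice:$6$al1ce:1001",
]
# Constructed legitimate-account data held by the monitoring module: the user
# account / host system relationship list (21) and the default account list (32).
USER_HOST_RELATIONS = [("alice", "host11"), ("bob", "host12")]
DEFAULT_ACCOUNTS = {"host11": ["root", "www"], "host12": ["root"]}


def account_digest(entries):
    """Hash every account entry one after another into a single digest (the
    agent's 'new account digest'): any change to a name or password hash
    changes it, so one comparison detects that something on the host changed."""
    running = hashlib.sha256()
    for entry in entries:
        running.update(hashlib.sha256(entry.encode("utf-8")).digest())
    return running.hexdigest()


def account_names(entries):
    """The host's local account list: names only, no password material."""
    return {entry.split(":", 1)[0] for entry in entries}


def legitimate_accounts(host, relations, defaults):
    """Combine the user/host relationship list with the host's default
    (service) accounts into the host's legitimate account set."""
    users = {user for user, h in relations if h == host}
    return users | set(defaults.get(host, ()))


def reconcile(host, local_names, legit_names):
    """Commands the monitoring module sends the agent: delete names that are
    not legitimate, re-add legitimate names that vanished from the host."""
    commands = [("delete", host, n) for n in sorted(local_names - legit_names)]
    commands += [("add", host, n) for n in sorted(legit_names - local_names)]
    return commands


def timed_check(host, stored_digest, current_entries, relations, defaults):
    """One run of the agent's timed digest check plus the module's follow-up.
    Returns the commands to send and the abnormal events to hand to the audit."""
    new_digest = account_digest(current_entries)
    if new_digest == stored_digest:
        return {"changed": False, "commands": [], "events": [], "digest": stored_digest}
    legit = legitimate_accounts(host, relations, defaults)
    commands = reconcile(host, account_names(current_entries), legit)
    events = [("unauthorized_account" if op == "delete" else "account_missing", host, name)
              for op, _, name in commands]
    if not commands:
        # Names agree but the digest moved: a password was changed directly on
        # the host, which only the digest comparison can reveal.
        events.append(("credential_changed", host, None))
    return {"changed": True, "commands": commands, "events": events, "digest": new_digest}


def demo():
    """Constructed scenario: the baseline digest stored at initialization, then
    a check after an unknown account appeared and a legitimate one was removed."""
    stored = account_digest(BASELINE_ENTRIES)
    tampered = ["root:$6$r00t:0", "www:$6$web:33", "newuser:$6$nu:0"]
    return timed_check("host11", stored, tampered, USER_HOST_RELATIONS, DEFAULT_ACCOUNTS)
```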

The method of synchronously monitoring accounts left behind after employees are transferred or leave is shown in FIG. 3; here too the network distribution module 6 of FIG. 1 is omitted so that the description can focus on the method. Because continuously monitoring such accounts would likewise consume a great deal of system resources and network bandwidth, the preferred embodiment again uses timed synchronous monitoring: stranded accounts are checked once per interval and synchronized only when necessary. First, the timed employee unit check unit 37 of the account monitoring module 2 retrieves the user account list 19 from the legitimate account list repository 4 at intervals of 1 hour and then accesses the employee unit data 38 through the organization human resources module 3; the employee unit data 38 records the units, at every level, to which every employee in the organization belongs. If a user account has no matching record in the employee unit data 38, the employee has left the company; if the unit in the employee unit data 38 differs from the unit recorded in the legitimate account list repository 4, the employee has been transferred. Whether the employee has been transferred or has left, the user account is treated as a stranded account. The account monitoring module 2 then queries the user account and host system relationship list 21 in the legitimate account list repository 4 to find which host systems 11 hold the stranded account, and synchronizes the accounts on those host systems 11 through the account synchronization unit 23, that is, sends a delete account command to the account monitoring agent module 7 of each of those host systems 11, which finally carries out the deletion. In this way, all users are checked against the human resources data at fixed intervals for transfers or departures, so that stranded accounts created by employee transfers or departures are monitored on a schedule. Note that the human resources check interval in this preferred embodiment is 1 hour, but this interval is a configurable system variable that administrators can adjust to actual needs without affecting the spirit and scope of the invention.

The invention also provides a method of automatically recording operations and abnormal events in the audit system. As shown in FIG. 4, the account monitoring module 2 contains an audit write unit 40, and the audit module 5 comprises an audit core unit 42 and an audit storage medium 43. The procedure is as follows: the abnormal account events detected by the account monitoring module 2 are sent through the audit write unit 40 to the audit core unit 42. The audit core unit 42 signs each event to be recorded and stores it, together with the event type, date and time, operator type, operator account, source of the change and the change event itself, in the audit storage medium 43. The audit storage medium 43, which holds the audit data, may be a protected file or a database.
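The timed employee-unit check of FIG. 3 and the signed audit record of FIG. 4, as an added Python example that is not part of the patent. The account, unit and host data are constructed, an HMAC over the record's canonical JSON stands in for the signature scheme the text leaves unspecified, and the key is assumed to be kept with the protected audit store.

```python
import hashlib
import hmac
import json
from datetime import datetime, timezone

# Constructed sample data (not from the patent). The legitimate account list
# records each user account with the unit it was approved for; HR data records
# each employee's current unit. "carol" is absent from HR: she has left.
USER_ACCOUNTS = {"alice": "Sales", "bob": "IT", "carol": "Finance"}
HR_UNITS = {"alice": "Sales", "bob": "Operations"}
USER_HOST_RELATIONS = [("alice", "host11"), ("bob", "host11"),
                       ("bob", "host12"), ("carol", "host12")]
# Assumed: a key kept with the protected audit store. The patent only says the
# record is "signed"; an HMAC stands in for whatever scheme is actually used.
AUDIT_KEY = b"constructed-audit-key-do-not-reuse"


def stranded_accounts(user_accounts, hr_units):
    """Map each stranded account to the reason: 'left' when the owner has no HR
    record, 'transferred' when HR's unit differs from the approved unit."""
    result = {}
    for account, approved_unit in user_accounts.items():
        if account not in hr_units:
            result[account] = "left"
        elif hr_units[account] != approved_unit:
            result[account] = "transferred"
    return result


def delete_commands(stranded, relations):
    """One delete command per host system that still holds a stranded account."""
    return [("delete", host, account)
            for account, host in sorted(relations) if account in stranded]


def _canonical(record):
    # Stable byte form so the tag covers exactly the stored field values.
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode("utf-8")


def sign_audit_record(event_type, operator_type, operator, source, description,
                      key=AUDIT_KEY, when=None):
    """Build a record with the fields the description lists and attach a tag."""
    record = {
        "event_type": event_type,
        "timestamp": (when or datetime.now(timezone.utc)).isoformat(),
        "operator_type": operator_type,
        "operator": operator,
        "source": source,
        "description": description,
    }
    record["signature"] = hmac.new(key, _canonical(record), hashlib.sha256).hexdigest()
    return record


def verify_audit_record(record, key=AUDIT_KEY):
    """Recompute the tag over every field except the signature; a record whose
    fields were edited after the fact no longer verifies."""
    body = {k: v for k, v in record.items() if k != "signature"}
    expected = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    return hmac.compare_digest(record.get("signature", ""), expected)


def hourly_hr_check(user_accounts, hr_units, relations, when=None):
    """One run of the timed employee-unit check: find stranded accounts, issue
    delete commands, and produce one signed audit record per abnormal event."""
    stranded = stranded_accounts(user_accounts, hr_units)
    commands = delete_commands(stranded, relations)
    records = [sign_audit_record("stranded_account", "system", "account-monitor",
                                 host, f"{account}: owner {stranded[account]}", when=when)
               for _, host, account in commands]
    return commands, records
```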

As described above, the disclosed information security single-account synchronous monitoring system is not limited to implementation in hardware, software, firmware, or a combination of these.

[Features and Effects]

Compared with other conventional techniques, the information security single-account synchronous monitoring system provided by the invention has the following further advantages:

1. The invention provides efficient synchronous account monitoring across a plurality of host systems that complies with information security standards.

2. In an information architecture with many users and host systems, the invention saves management manpower and time, so that enterprises reduce both the cost of information security operations and the cost of security losses.

The detailed description above sets out one feasible embodiment of the invention. That embodiment is not intended to limit the scope of the patent; any equivalent implementation or variation that does not depart from the technical spirit of the invention falls within the scope of the patent.

In summary, this application is not only genuinely innovative in its technical concept but also achieves the several effects described above that conventional methods cannot, and thus fully satisfies the statutory requirements of novelty and inventive step for an invention patent. The application is therefore filed in accordance with the law, and the Office is respectfully requested to grant this invention patent application so as to encourage invention.

2‧‧‧Account monitoring module

3‧‧‧Organization human resources module

4‧‧‧Legitimate account list repository

5‧‧‧Audit module

6‧‧‧Network distribution module

7‧‧‧Account monitoring agent module

11‧‧‧Host system

21‧‧‧User account and host system relationship list

23‧‧‧Account synchronization unit

30‧‧‧Account comparison unit

31‧‧‧Host system old account digest

32‧‧‧Host system default account list

33‧‧‧Account digest generation unit

34‧‧‧System account and password data

35‧‧‧Timed account digest check unit

36‧‧‧New account digest

37‧‧‧Timed employee unit check unit

38‧‧‧Employee unit data

40‧‧‧Audit write unit

42‧‧‧Audit core unit

43‧‧‧Audit storage medium

The technical content, objects and effects of the invention will be better understood from the following detailed description and the accompanying drawings, in which: FIG. 1 is a schematic diagram of the information security single-account synchronous monitoring system of the invention; FIG. 2 is a schematic diagram of how this system monitors accounts on a schedule and checks for illegal accounts; FIG. 3 is a schematic diagram of how this system monitors accounts on a schedule and checks for stranded accounts; and FIG. 4 is a schematic diagram of how this system audits operations and abnormal events.


Claims (6)

1. An information security single-account synchronization monitoring system for synchronously monitoring the accounts of a plurality of host systems for information security, namely periodic synchronous monitoring of illegally altered accounts, periodic synchronous monitoring of accounts left behind after an employee's transfer or resignation, and audit logging of operations and abnormal events, the system comprising:
   an account monitoring module, for comparing against the legal account list repository to find illegally altered accounts of the host systems, periodically checking through the organization human resources module the employee unit of every user to find accounts left behind by transferred or resigned employees, and finally sending account change commands to the account monitoring agent modules on which illegally altered accounts or stranded accounts exist, wherein the account monitoring module comprises:
      an account comparison unit, for comparing every account and password sent by an account monitoring agent module one by one against the legal account list; when a comparison result differs, the account is regarded as an illegally altered account;
      a timed employee-unit check unit, which at regular intervals retrieves the user account list from the legal account list repository and then checks, one by one through the employee unit data of the organization human resources module, whether each user has already been transferred or has resigned; when a user account is found to be in transferred or resigned status, it is regarded as a stranded account;
      an account synchronization unit, for synchronously sending account change commands to each account monitoring agent module, for the illegally altered accounts found by the account comparison unit and the stranded accounts found by the timed employee-unit check unit, according to the legal account status in the legal account list repository, that is, sending a delete-account, add-account, or change-account-password command to the corresponding target host system; and
      an audit writing unit, for sending abnormal events, including the illegally altered accounts found by the account comparison unit and the stranded accounts found by the timed employee-unit check unit, to the audit core module, the record comprising the event type, time and date, source of the abnormal event, and description of the abnormal event;
   an organization human resources module, for accessing the employee unit data of the enterprise organization's human resources system, storing it, and updating it periodically;
   a legal account list repository, for centrally storing the management data and legal status needed by the information security account synchronization monitoring system disclosed herein;
   an audit module, for receiving records of operations and abnormal events and storing them, after signing, in a protected storage device, the signature being verified when the audit records are viewed so as to guarantee the integrity and correctness of the audit data;
   a network distribution module, an intermediary device that covers all host systems within a partitioned subnet and relays account management commands across subnets; and
   an account monitoring agent module, for periodically checking whether an illegally altered account has appeared on the host system on which it resides and, when this occurs, sending the accounts and passwords of that host system to the account monitoring module so that the illegally altered account can be found, wherein the account monitoring agent module comprises:
      an account digest generating unit, for reading the account and password data on the host system and then computing all accounts and passwords one after another with a hash function to produce a new account digest; and
      a timed account digest check unit, which at regular intervals has the account digest generating unit produce a new account digest from all accounts and passwords, at the same time retrieves the host system's old account digest from the legal account list repository through the account monitoring module, and then compares the new account digest with the host system's old account digest; if the comparison does not match, the accounts of this host system have been illegally altered, and when this occurs the local account list of this host system is sent to the account monitoring module so that the illegally altered account can be found.

2. The information security single-account synchronization monitoring system of claim 1, wherein the organization human resources module comprises: employee unit data, which records the unit data, at every level, to which every employee within the organization belongs.

3. The information security single-account synchronization monitoring system of claim 1, wherein the legal account list repository comprises: a user account list, for storing data related to user accounts, the list containing at least an identifiable user account name, employee number, e-mail account, encrypted account password, and account validity period; a user account and host system relationship list, for storing data on the relationship established between user accounts and host systems, that is, that a given user account is established on a given host system, the list containing at least an identifiable user account, an identifiable host system code, and an enabled status; a host system old account digest, for storing the old account digests of the host systems, the list containing at least an identifiable host system code and an old account digest; and a host system default account list, for storing the default account list of the host systems, a default account being an account that must be created on a host system in order to run a given service or application, the list containing at least an identifiable host system name and a default account name.

4. The information security single-account synchronization monitoring system of claim 1, wherein the audit module comprises: an audit core unit, for signing the event to be recorded and storing it, together with the event type, time and date, operator type, operator account, change source, and change event description, in the audit storage medium; and an audit storage medium, for storing the audit data, which may be a protected file or a database.

5. The information security single-account synchronization monitoring system of claim 1, wherein the network distribution module comprises: a host system mapping unit, for parsing the target host system code in an account change command and forwarding the command to that host system.

6. The information security single-account synchronization monitoring system of claim 2, wherein the legal account list against which the account comparison unit compares comprises: the user account and host system relationship list and the host system default account list.
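The agent-side digest check, the monitoring module's comparison against the legal account lists and HR status, the resulting sync commands, and the signed audit record of claims 1, 3 and 4, as an added Python example that is not part of the patent; the account data, HR data, host name and audit key are constructed stand-ins, and HMAC-SHA256 is assumed for the audit signature since the claims name no particular scheme.

```python
import hashlib, hmac
from datetime import datetime, timezone

# Constructed sample data (not from the patent) standing in for the repository, HR module and host.
LEGAL_ACCOUNTS = {"alice": "E001", "bob": "E002"}        # user account list: name -> employee number
HOST_RELATIONS = {("hostA", "alice"), ("hostA", "bob")}   # user account / host system relationship list
DEFAULT_ACCOUNTS = {("hostA", "www-data")}                # host system default account list
HR_STATUS = {"E001": "active", "E002": "resigned"}        # employee unit data from the HR module
OLD_DIGESTS = {}                                          # host system old account digests
AUDIT_KEY = b"constructed-audit-signing-key"              # key used by the audit core's signature

def account_digest(entries):
    """Account digest unit: hash every (account, password hash) pair one after another."""
    h = hashlib.sha256()
    for name, secret in sorted(entries.items()):
        h.update(f"{name}:{secret}\n".encode())
    return h.hexdigest()

def agent_check(host, entries):
    """Timed digest check: hand the local account list up only when the digest changed."""
    if OLD_DIGESTS.get(host) == account_digest(entries):
        return None
    return dict(entries)

def is_stranded(name):
    """Timed employee-unit check: the account's owner has transferred or resigned."""
    return HR_STATUS.get(LEGAL_ACCOUNTS.get(name)) in ("resigned", "transferred")

def monitor(host, local_list):
    """Account monitoring module: compare, decide sync commands, write signed audit records."""
    commands, audit = [], []
    for name in local_list:
        if (host, name) not in HOST_RELATIONS | DEFAULT_ACCOUNTS:
            reason = "illegal account change"
        elif is_stranded(name):
            reason = "stranded account"
        else:
            continue
        commands.append(("delete", host, name))
        audit.append(audit_record("account", host, f"{name}: {reason}"))
    for h, name in sorted(HOST_RELATIONS):   # legal accounts missing from the host are re-created
        if h == host and name not in local_list and not is_stranded(name):
            commands.append(("add", host, name))
    return commands, audit

def audit_record(kind, source, desc):
    """Audit core unit: sign the record so tampering is detectable when it is reviewed."""
    body = f"{kind}|{datetime.now(timezone.utc).isoformat()}|{source}|{desc}"
    return body, hmac.new(AUDIT_KEY, body.encode(), "sha256").hexdigest()

def verify_audit(body, sig):
    return hmac.compare_digest(hmac.new(AUDIT_KEY, body.encode(), "sha256").hexdigest(), sig)
```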
Priority Applications (1)

Application Number Priority Date Filing Date Title
TW96108684A TWI470566B (en) 2007-03-14 2007-03-14 Information security synchronous monitor single account system

Publications (2)

Publication Number Publication Date
TW200837647A TW200837647A (en) 2008-09-16
TWI470566B true TWI470566B (en) 2015-01-21

Family

ID=44820286

Country Status (1)

Country Link
TW (1) TWI470566B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI235913B (en) * 2002-12-11 2005-07-11 Foquest Advanced Inc Software utilization control method and system thereof
TWI240532B (en) * 2003-05-21 2005-09-21 Taiwan Semiconductor Mfg Account management system and managing method

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees